BugTraq Mode:
(Page 6 of 1570)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
SEC Consult SA-20141029-1 :: Persistent cross site scripting in Confluence RefinedWiki Original Theme 2014-10-29
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20141029-1 >
=======================================================================
title: Persistent cross site scripting
product: Confluence RefinedWiki Original Theme
vulnerable version: 3.x - 4.0.x
fixed version:

[ more ]  [ reply ]
Multiple vulnerabilities in EspoCRM 2014-10-29
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23238
Product: EspoCRM
Vendor: http://www.espocrm.com
Vulnerable Version(s): 2.5.2 and probably prior
Tested Version: 2.5.2
Advisory Publication: October 8, 2014 [without technical details]
Vendor Notification: October 8, 2014
Vendor Patch: October 10, 2014
Public Disclosure: Oct

[ more ]  [ reply ]
[ MDVSA-2014:212 ] wget 2014-10-29
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:212
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:211 ] wpa_supplicant 2014-10-29
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:211
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
SEC Consult SA-20141029-0 :: Multiple critical vulnerabilities in Vizensoft Admin Panel 2014-10-29
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20141029-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: Vizensoft Admin Panel
vulnerable version: 2014
fixed version: -
impac

[ more ]  [ reply ]
[security bulletin] HPSBUX03159 SSRT101785 rev.1 - HP-UX kernel, Local Denial of Service (DoS) 2014-10-28
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04491186

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04491186
Version: 1

HPSBUX03159 SS

[ more ]  [ reply ]
[SECURITY] [DSA 3050-2] xulrunner update 2014-10-28
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3050-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
October 28, 2014

[ more ]  [ reply ]
phpfusion (Search Page) Denial of Service Vulnerability 2014-10-28
iedb team gmail com
phpfusion All version suffers from a denial of service vulnerability.

#!/usr/bin/perl
#################################
#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@
# @@@ @@

[ more ]  [ reply ]
IEEE Technically Co-sponsored - Third International Conference on Digital Information, Networking, and Wireless Communications || RUSSIA 2014-10-28
liezelle sdiwc info
All the papers will be submitted to IEEE for potential inclusion to IEEE
Xplore as well as other Abstracting and Indexing (A&I) databases.
========================================================================

CALL FOR PAPERS
The Third International Conference on Digital Inform

[ more ]  [ reply ]
[security bulletin] HPSBST03160 rev.1 - HP XP Command View Advanced Edition running Apache Struts, Remote Execution of Arbitrary Code 2014-10-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04473828

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04473828
Version: 1

HPSBST03160 re

[ more ]  [ reply ]
[security bulletin] HPSBHF03156 rev.1 - HP TippingPoint Intrusion Prevention System (IPS) Local Security Manager (LSM) running SSL, Remote Disclosure of Information 2014-10-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04487990

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04487990
Version: 1

HPSBHF03156 r

[ more ]  [ reply ]
Re: vulnerabilities in libbfd (CVE-2014-beats-me) 2014-10-27
Mike Frysinger (vapier gentoo org)
On 27 Oct 2014 14:57, Maciej W. Rozycki wrote:
> On Sun, 26 Oct 2014, Michal Zalewski wrote:
> > Many shell users, and certainly a lot of the people working in
> > computer forensics or other fields of information security, have a
> > habit of running /usr/bin/strings on binary files originating fro

[ more ]  [ reply ]
Google Youtube - Filter Bypass & Persistent Vulnerability [9-5942000004564] (PoC Video Demonstration) 2014-10-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Google Youtube - Filter Bypass & Persistent Vulnerability [9-5942000004564] (PoC Video Demonstration)

References:
===========
http://www.vulnerability-lab.com/get_content.php?id=1352

Google Security ID: [9-5942000004564]

View: https://www.youtube.com/watch?v=656LM

[ more ]  [ reply ]
Folder Plus v2.5.1 iOS - Persistent Item Vulnerability 2014-10-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Folder Plus v2.5.1 iOS - Persistent Item Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1348

Release Date:
=============
2014-10-24

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
Apple iOS v8.0.2 - Silent Contact Denial of Service Vulnerability 2014-10-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Apple iOS v8.0.2 - Silent Contact Denial of Service Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1324

Video: http://www.vulnerability-lab.com/get_content.php?id=1333

Article: http://vulnerability-db.co

[ more ]  [ reply ]
iFileExplorer v6.51 iOS - File Include Web Vulnerability 2014-10-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
iFileExplorer v6.51 iOS - File Include Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1345

Release Date:
=============
2014-10-22

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
WebDisk+ v2.1 iOS - Code Execution Vulnerability 2014-10-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WebDisk+ v2.1 iOS - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1349

Release Date:
=============
2014-10-23

Vulnerability Laboratory ID (VL-ID):
====================================
1

[ more ]  [ reply ]
[SECURITY] [DSA 3058-1] torque security update 2014-10-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3058-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
October 27, 2014

[ more ]  [ reply ]
[ MDVSA-2014:210 ] mariadb 2014-10-28
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:210
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBST03157 rev.1 - HP StoreEver ESL E-series Tape Library and HP Virtual Library System (VLS) running Bash Shell, Remote Code Execution 2014-10-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04488200

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04488200
Version: 1

HPSBST03157 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03152 rev.1 - HP Operations Orchestration running SSL, Remote Disclosure of Information 2014-10-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04486577

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04486577
Version: 1

HPSBMU03152 re

[ more ]  [ reply ]
[SECURITY] [DSA 3057-1] libxml2 security update 2014-10-26
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3057-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Thijs Kinkhorst
October 26, 2014

[ more ]  [ reply ]
vulnerabilities in libbfd (CVE-2014-beats-me) 2014-10-26
Michal Zalewski (lcamtuf coredump cx)
Yo,

Many shell users, and certainly a lot of the people working in
computer forensics or other fields of information security, have a
habit of running /usr/bin/strings on binary files originating from the
Internet. Their understanding is that the tool simply scans the file
for runs of printable cha

[ more ]  [ reply ]
Call for Papers - WorldCIST'15 - Azores, 1 - 3 April 2015 2014-10-25
ML (marialemos72 gmail com)
------
WorldCIST'15 - 3rd World Conference on Information Systems and Technologies
Ponta Delgada, Azores *, Portugal
1 - 3 April 2015
http://www.aisti.eu/worldcist15/
------
* Azores is ranked as the second most beautiful archipelago in the world by National Geographic.
------------

SCOPE

The Wo

[ more ]  [ reply ]
[SECURITY] [DSA 3056-1] libtasn1-3 security update 2014-10-26
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3056-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
October 26, 2014

[ more ]  [ reply ]
[CVE-2014-8347] Filemaker Login Bypass and Privilege Escalation 2014-10-25
g-damore outlook com
Filemaker Login Bypass and Privilege Escalation
=======================================================================

[ADVISORY INFORMATION]

Title: Filemaker Login Bypass and Privilege Escalation
Discovery date: 19/10/2014
Release date: 19/10/2014
Vendor Homepage: www.filemaker.com
Ver

[ more ]  [ reply ]
NEW VMSA-2014-0011 VMware vSphere Data Protection product update addresses a critical information disclosure vulnerability 2014-10-24
VMware Security Response Center (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2014-0011
Synopsis: VMware vSphere Data Protection product update addresses a
critical information

[ more ]  [ reply ]
iTunes 12.0.1 for Windows: still COMPLETELY outdated and VULNERABLE 3rd party libraries 2014-10-24
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the just released iTunes 12.0.1 for Windows still (cf.
<http://seclists.org/fulldisclosure/2014/Jul/30>) comes
with COMPLETELY outdated and VULNERAEBLE 3rd party libraries
(as part of AppleMobileDeviceSupport.msi):

* libeay32.dll and ssleay32.dll 0.9.8d

are more than SEVEN years old a

[ more ]  [ reply ]
Still beginner's errors (and outdated 3rd party components) in QuickTime 7.7.6 and iTunes 12.0.1 2014-10-24
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the just released QuickTime 7.7.6 and iTunes 12.0.1 for Windows still
have quite some of the beginners errors I documented in
<http://seclists.org/fulldisclosure/2014/Aug/33> and
<http://seclists.org/fulldisclosure/2014/Aug/44>

QuickTime 7.7.6:

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\

[ more ]  [ reply ]
[ MDVSA-2014:209 ] java-1.7.0-openjdk 2014-10-24
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:209
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
(Page 6 of 1570)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus